bloodhound-enterprise
Bloodhound Enterprise: securing Active Directory using graph theory
BloodHound Enterprise: securing Active Directory using graphsPrior to my employment at SpecterOps, I hadn’t worked in the information security industry- as a result, many security related terms and concepts that were tossed around ...
BloodHound Community Edition: A New Era
I’m proud to announce the availability of BloodHound Community Edition (BloodHound CE)!What you need to know:The free and open-source version of BloodHound is now known as BloodHound CE and will remain free and ...
BloodHound Enterprise Learns Some New Tricks
SummaryThe BloodHound code-convergence project brings some significant and long-desired feature enhancements to BloodHound Enterprise (BHE):Cypher search, including pre-built queries for AD and AzureBuilt-in support for offline data collection (i.e., control systems or acquisition ...
Your new best friend: Introducing BloodHound Community Edition
SummarySpecterOps is pleased to announce BloodHound Community Edition (CE) will be available in early access on August 8, 2023! In this blog:BloodHound is now BloodHound CE; new name, slightly different look, same purpose ...
From DA to EA with ESC5
There’s a new, practical way to escalate from Domain Admin to Enterprise Admin.ESC5You’ve heard of ESC1 and ESC8. But what about ESC5? ESC5 is also known as “Vulnerable PKI Object Access Control” ...
Introducing BloodHound 4.3 — Get Global Admin More Often
Introducing BloodHound 4.3 — Get Global Admin More OftenDiscover new attack paths traversing Microsoft Graph and seven new Azure Resource Manager objects.Checking out BloodHound for the first time? Here are some handy resources:Get the latest version ...
Abusing Azure App Service Managed Identity Assignments
IntroAzure App Service is a Platform-as-a-Service product that promises to improve web application deployment, hosting, availability, and security. Web Apps hosted by Azure App Service are organized into Azure App Service Plans, ...
Passwordless Persistence and Privilege Escalation in Azure
Adversaries are always looking for stealthy means of maintaining long-term and stealthy persistence and privilege in a target environment. Certificate-Based Authentication (CBA) is an extremely attractive persistence option in Azure for three ...
Automating Azure Abuse Research — Part 2
Automating Azure Abuse Research — Part 2In Part 1 of this series, we looked at how to port functionality from the Azure GUI to PowerShell. Specifically, we looked at how to replicate the Azure GUI’s ...
Introducing BloodHound 4.2 — The Azure Refactor
Introducing BloodHound 4.2 — The Azure RefactorThe BloodHound Enterprise team is proud to announce the release of BloodHound 4.2 — The Azure Refactor.The primary authors of BloodHound 4.2 are Dillon Lees (@ddlees), Rohan Vazarkar (@CptJesus), Ulises Rangel ...
